Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
File: 25d38479-752d-418e-a4fb-397c5aa432f8.roa (raw, json)
Hash identifier: Idr3qH9+CItCs6yxAxZnsBQYnQMsVPTkMDpTFsSueDQ=
Subject key identifier: 62:9D:5D:A0:6C:56:CF:21:3B:C5:C3:C3:F1:14:8F:B5:DF:F1:93:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 34C7DD69AD8B3537669809575EA64D7C0209D90F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
Signing time: Tue 26 Aug 2025 17:11:18 +0000
ROA not before: Tue 26 Aug 2025 17:11:18 +0000
ROA not after: Tue 30 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:c7:dd:69:ad:8b:35:37:66:98:09:57:5e:a6:4d:7c:02:09:d9:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 26 17:11:18 2025 GMT
Not After : Sep 30 23:59:59 2025 GMT
Subject: serialNumber=84d39a98f48f9bb50fbef1ea8cd0db10619641d6153d0d207e6edb9e1172edd8, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8f:ee:14:02:e4:21:0c:cd:bc:2f:f9:dd:b1:
bd:aa:91:97:66:90:32:e8:90:f4:37:aa:de:87:02:
a5:fb:3e:d9:12:12:f9:cb:a4:da:e1:f6:e0:ab:e4:
44:6a:c1:3e:8a:cc:bc:c7:13:aa:87:ea:be:49:f0:
3b:f4:ee:d8:a4:40:b9:b3:4e:c6:00:40:6f:f8:20:
67:8f:e4:34:2a:3f:9e:a6:e7:ad:23:15:a2:25:76:
e3:08:0c:4d:1e:31:d8:a2:3a:44:43:3a:30:71:4a:
d1:10:f4:e5:65:d5:cc:d8:f1:aa:d5:78:4e:5b:e7:
6e:f5:97:9e:f5:14:85:ed:ed:10:97:37:54:73:b4:
15:20:f7:07:53:39:fa:bb:aa:02:47:48:85:d2:9c:
36:f9:9a:c3:69:ef:4b:0a:ba:57:0f:ff:a4:11:3d:
37:61:29:ae:f6:44:6a:4a:09:2e:51:a3:23:b1:c5:
5e:70:e1:48:62:2d:a3:ca:0a:f6:71:83:4b:93:26:
54:c6:3b:51:fb:8a:94:40:2e:90:94:35:29:67:78:
35:69:32:29:d0:a3:59:84:d1:31:0f:16:30:b2:bb:
86:21:a3:7e:49:3e:71:9f:df:cb:fd:4a:93:ce:6f:
5e:07:60:72:aa:07:d0:7d:29:cd:4b:44:74:6b:29:
d7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9D:5D:A0:6C:56:CF:21:3B:C5:C3:C3:F1:14:8F:B5:DF:F1:93:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d38479-752d-418e-a4fb-397c5aa432f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:800::/40
Signature Algorithm: sha256WithRSAEncryption
83:94:0d:6e:d8:60:74:9d:5a:61:0b:69:ae:41:95:a2:a1:1c:
6e:ff:ca:fa:89:43:ed:85:94:6e:80:92:97:88:df:c9:b3:9c:
5f:db:4e:3e:95:e5:6f:6d:92:c8:27:43:a5:2a:bb:1f:53:ef:
f5:a5:9b:5b:00:d8:e8:fb:6b:7d:14:16:d8:0f:0b:bc:53:cc:
fb:a1:59:f8:98:3d:bc:6a:dd:b0:2a:e2:64:d9:8d:fb:3f:99:
fc:15:c6:39:37:88:1f:f5:00:a9:4b:86:41:67:3f:d0:4e:b0:
d0:83:00:3a:ee:eb:d2:a2:74:00:5a:b2:ff:a7:5d:0e:04:2d:
2b:f1:73:ae:fb:25:da:02:d2:72:5f:37:72:8b:3e:46:13:2d:
d0:07:01:c2:eb:03:1d:41:df:46:ad:8d:9b:e5:ba:56:1a:b1:
29:e3:b0:f9:5c:ad:10:20:11:db:94:d3:48:4d:e8:0f:f6:8d:
29:13:be:54:38:69:ae:62:a4:aa:ee:be:61:f0:7f:36:9e:65:
0c:f0:c1:90:0a:03:c0:8e:57:a0:32:d2:5c:f0:af:bd:f8:d3:
16:19:d4:3f:08:cf:82:d9:fd:69:e6:1f:82:06:2d:b4:2a:f9:
e6:9c:17:c0:88:15:32:f3:c9:4f:2e:e5:84:3e:16:d4:3d:61:
a0:e3:c0:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNMfdaa2LNTdmmAlXXqZNfAIJ2Q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MjYxNzExMThaFw0yNTA5MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0ZDM5YTk4ZjQ4ZjliYjUwZmJlZjFlYThjZDBkYjEwNjE5NjQxZDYxNTNk
MGQyMDdlNmVkYjllMTE3MmVkZDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuP7hQC5CEMzbwv+d2xvaqRl2aQMuiQ9Deq3ocCpfs+2RIS+cuk2uH24Kvk
RGrBPorMvMcTqofqvknwO/Tu2KRAubNOxgBAb/ggZ4/kNCo/nqbnrSMVoiV24wgM
TR4x2KI6REM6MHFK0RD05WXVzNjxqtV4TlvnbvWXnvUUhe3tEJc3VHO0FSD3B1M5
+ruqAkdIhdKcNvmaw2nvSwq6Vw//pBE9N2EprvZEakoJLlGjI7HFXnDhSGIto8oK
9nGDS5MmVMY7UfuKlEAukJQ1KWd4NWkyKdCjWYTRMQ8WMLK7hiGjfkk+cZ/fy/1K
k85vXgdgcqoH0H0pzUtEdGsp19UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRinV2g
bFbPITvFw8PxFI+13/GTwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVkMzg0NzktNzUyZC00MThlLWE0ZmItMzk3YzVhYTQzMmY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DII
MA0GCSqGSIb3DQEBCwUAA4IBAQCDlA1u2GB0nVphC2muQZWioRxu/8r6iUPthZRu
gJKXiN/Js5xf204+leVvbZLIJ0OlKrsfU+/1pZtbANjo+2t9FBbYDwu8U8z7oVn4
mD28at2wKuJk2Y37P5n8FcY5N4gf9QCpS4ZBZz/QTrDQgwA67uvSonQAWrL/p10O
BC0r8XOu+yXaAtJyXzdyiz5GEy3QBwHC6wMdQd9GrY2b5bpWGrEp47D5XK0QIBHb
lNNITegP9o0pE75UOGmuYqSq7r5h8H82nmUM8MGQCgPAjlegMtJc8K+9+NMWGdQ/
CM+C2f1p5h+CBi20KvnmnBfAiBUy88lPLuWEPhbUPWGg48B8
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:07 2025 by rpki-client